我正在尝试在openstack中运行监控服务,但是我收到了这个错误:
~$ monasca metric-list
Authorization failed: The resource could not be found. (HTTP 404)
当我检查日志文件时,这就是我找到的原因:
2016-09-20 10:27:36.357 27771 WARNING keystonemiddleware.auth_token [-] Fetch revocation list failed, fallback to online validation.
2016-09-20 10:27:36.376 27771 ERROR keystonemiddleware.auth_token [-] Bad response code while validating token: 403
2016-09-20 10:27:36.377 27771 WARNING keystonemiddleware.auth_token [-] Identity response: {"error": {"message": "You are not authorized to perform the requested action, identity:validate_token.", "code": 403, "title": "Forbidden"}}
2016-09-20 10:27:36.377 27771 CRITICAL keystonemiddleware.auth_token [-] Unable to validate token: Failed to fetch token data from identity server
这是keystone中的服务,项目,用户,角色和端点
+----------------------------------+----------+------------+
| ID | Name | Type |
+----------------------------------+----------+------------+
| 1c38cf31124d404783561793fc1fb7f0 | monasca | monitoring |
| 1eb72109ea604b6e8f2bd264787ca370 | keystone | identity |
+----------------------------------+----------+------------+
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 733a0a1369f94f6ab31b8875ef19e0ee | service |
| 9e732f1a2aca48e098daf62bb230f85e | monasca |
| f2df2111f893434f83fda7d5bd6cac4a | admin |
+----------------------------------+---------+
+----------------------------------+---------------+
| ID | Name |
+----------------------------------+---------------+
| 3a1b8582a11f4e07b3a21e84e9fb7c23 | monasca-user |
| 559752237e824d81a6133494b63c5789 | monasca-agent |
| 5bcf19af4e8e4067a5679e6a0f2f88f1 | admin |
+----------------------------------+---------------+
+----------------------------------+---------------+
| ID | Name |
+----------------------------------+---------------+
| 1679c1c099b543db96ac4412be21b15a | admin |
| 6ca31578625c49568085284dee72e4b8 | monasca-agent |
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
| a3267f589e7342ceaedef57ea9e4aac2 | monasca-user |
+----------------------------------+---------------+
+----------------------------------+-----------+--------------+--------------+---------+-----------+------------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+------------------------------+
| 3fbfc68e9f894e47846b896c6c8d3f3e | RegionOne | keystone | identity | True | internal | http://controller:5000/v2.0 |
| 470043a7f6364add902548df6fb7b60e | RegionOne | monasca | monitoring | True | public | http://localhost:8082/v2.0 |
| 9e68606b37084cbeb95106ff1bede0cb | RegionOne | monasca | monitoring | True | internal | http://localhost:8082/v2.0 |
| b4273c72671e4fac99e7d2bc6334156c | RegionOne | monasca | monitoring | True | admin | http://localhost:8082/v2.0 |
| d27bb34d619443658ca745b9fee1c967 | RegionOne | keystone | identity | True | admin | http://controller:35357/v2.0 |
| f736ebca8ac24b78bdf1dff60ac86ab1 | RegionOne | keystone | identity | True | public | http://controller:5000/v2.0 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+------------------------------+
这是我的api.conf文件中的keystone部分:
[keystone_authtoken]
identity_uri = http://controller:35357
auth_uri = http://controller:5000/v3
admin_password = PASSWORD
admin_user = monasca-user
admin_tenant_name = monasca
cafile =
certfile =
keyfile =
insecure = false
文件以获取身份服务的令牌
export OS_PROJECT_DOMAIN_ID=default
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=PASSWORD
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
以及监控服务
export OS_PROJECT_DOMAIN_ID=default
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_NAME=monasca
export OS_TENANT_NAME=monasca
export OS_USERNAME=monasca-user
export OS_PASSWORD=PASSWORD
export OS_AUTH_URL=http://controller:35357/
export OS_IDENTITY_API_VERSION=3
我可以找到配置的错误
答案 0 :(得分:0)
您是否可以运行以下命令?
openstack token issue
为什么端点中有localhost?
答案 1 :(得分:0)
您可以使用--debug选项为monasca命令获取更多详细信息
我认为问题在于您使用指定的版本注册keystone端点,而在env var中版本是另一个版本。建议不要在端点中包含版本号,尤其是keystone版本号。请检查安装手册并按照其说明进行操作